CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 0CVE-2005-3059
https://notcve.org/view.php?id=CVE-2005-3059
Multiple unspecified vulnerabilities in Opera 8.50 on Linux and Windows have unknown impact and attack vectors, related to (1) " handling of must-revalidate cache directive for HTTPS pages" or (2) a "display issue with cookie comment encoding." • http://secunia.com/advisories/16645 http://www.opera.com/docs/changelogs/linux/850 http://www.opera.com/docs/changelogs/windows/850 http://www.vupen.com/english/advisories/2005/1789 •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2005-3041
https://notcve.org/view.php?id=CVE-2005-3041
Unspecified "drag-and-drop vulnerability" in Opera Web Browser before 8.50 on Windows allows "unintentional file uploads." • http://www.opera.com/docs/changelogs/windows/850 http://www.securityfocus.com/bid/14884 http://www.vupen.com/english/advisories/2005/1789 •
CVSS: 5.0EPSS: 1%CPEs: 84EXPL: 0CVE-2005-3006
https://notcve.org/view.php?id=CVE-2005-3006
The mail client in Opera before 8.50 opens attached files from the user's cache directory without warning the user, which might allow remote attackers to inject arbitrary web script and spoof attachment filenames. • http://marc.info/?l=bugtraq&m=112724692219695&w=2 http://secunia.com/advisories/16645 http://secunia.com/secunia_research/2005-42/advisory http://www.opera.com/docs/changelogs/linux/850 http://www.opera.com/docs/changelogs/windows/850 http://www.osvdb.org/19508 http://www.securityfocus.com/advisories/9339 http://www.securityfocus.com/bid/14880 http://www.vupen.com/english/advisories/2005/1789 https://exchange.xforce.ibmcloud.com/vulnerabilities/22335 •
CVSS: 2.6EPSS: 3%CPEs: 1EXPL: 0CVE-2005-3007
https://notcve.org/view.php?id=CVE-2005-3007
Opera before 8.50 allows remote attackers to spoof the content type of files via a filename with a trailing "." (dot), which might allow remote attackers to trick users into processing dangerous content. • http://marc.info/?l=bugtraq&m=112724692219695&w=2 http://secunia.com/advisories/16645 http://secunia.com/secunia_research/2005-42/advisory http://www.opera.com/docs/changelogs/linux/850 http://www.opera.com/docs/changelogs/windows/850 http://www.osvdb.org/19509 http://www.securityfocus.com/advisories/9339 http://www.securityfocus.com/bid/14880 http://www.vupen.com/english/advisories/2005/1789 https://exchange.xforce.ibmcloud.com/vulnerabilities/22337 • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 5.1EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2407
https://notcve.org/view.php?id=CVE-2005-2407
A design error in Opera 8.01 and earlier allows user-assisted attackers to execute arbitrary code by overlaying a malicious new window above a file download dialog box, then tricking the user into double-clicking on the "Run" button, aka "link hijacking". Un error de diseño en Opera 8.01 y anteriores permite a atacantes con la implicación del usuario superponer una ventana nueva maliciosa sobre un cuadro de diálogo de descarga de fichero, y entonces engañar al usuario para que haga doble clic en el botón "Ejecutar", tcc "link hijacking". • http://secunia.com/advisories/15781 http://secunia.com/secunia_research/2005-19/advisory http://securitytracker.com/id?1015353 http://www.opera.com/linux/changelogs/802 http://www.securityfocus.com/bid/15835 http://www.vupen.com/english/advisories/2005/1251 • CWE-1021: Improper Restriction of Rendered UI Layers or Frames •